Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H0L2orJkcRf3jIo-bznKnU7pcMY.roa
File: H0L2orJkcRf3jIo-bznKnU7pcMY.roa (raw, json)
Hash identifier: 9ITLSmHLV/o0zioFNymwmKFR+uXU7BzJk10qgjT2AEU=
Subject key identifier: 1F:42:F6:A2:B2:64:71:17:F7:8C:8A:3E:6F:39:CA:9D:4E:E9:70:C6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0189D58EE60AC342C684561FF73E9DF4E6CE
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H0L2orJkcRf3jIo-bznKnU7pcMY.roa
Signing time: Tue 08 Aug 2023 14:30:59 +0000
ROA not before: Tue 08 Aug 2023 14:30:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50025
IP address blocks: 31.148.240.0/22 maxlen: 24
93.171.188.0/22 maxlen: 24
146.158.68.0/22 maxlen: 24
93.170.160.0/22 maxlen: 24
146.158.16.0/22 maxlen: 24
31.148.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:8e:e6:0a:c3:42:c6:84:56:1f:f7:3e:9d:f4:e6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 8 14:30:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f42f6a2b2647117f78c8a3e6f39ca9d4ee970c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:22:06:73:35:ae:aa:3f:dd:44:84:93:fa:fa:
68:4a:2b:be:d6:17:56:5c:46:61:67:1c:ce:7c:34:
e7:d2:d8:21:68:c7:59:e8:22:29:4d:d7:cd:2c:0b:
3e:d8:6a:c8:c4:ae:33:fd:48:b0:22:1b:3a:9a:3e:
53:0e:5b:fe:44:4e:f3:a5:f1:37:29:9b:3e:d6:56:
d5:f2:f8:16:e6:9b:db:7d:66:76:b6:23:ca:58:8d:
cf:6b:be:61:5b:bf:07:87:24:17:3e:5e:08:f4:6e:
50:4f:c8:d6:48:e3:5a:ec:54:5e:c6:27:9a:13:ce:
96:2e:ac:f2:47:67:eb:d2:89:18:fc:fb:77:bc:1c:
cf:d9:66:68:85:8b:a7:c1:5a:19:8b:88:68:ea:12:
b0:e0:78:f1:c4:47:02:14:99:22:01:a4:96:64:28:
81:4d:8a:f1:fd:fd:58:c6:63:96:14:2b:18:0f:f4:
18:06:c6:7c:87:e6:b5:c9:82:07:f4:63:04:8b:1a:
2c:db:5f:32:97:9a:be:1f:47:db:81:86:22:61:42:
2e:81:1c:81:a3:6a:68:6b:9e:40:d8:0f:ba:a5:a4:
e7:a8:9f:5b:e9:2c:37:0d:bc:c0:c0:0b:3d:48:52:
0e:6a:8c:2e:b6:f3:a0:83:22:79:d6:96:92:1c:eb:
6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:42:F6:A2:B2:64:71:17:F7:8C:8A:3E:6F:39:CA:9D:4E:E9:70:C6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H0L2orJkcRf3jIo-bznKnU7pcMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.208.0/22
31.148.240.0/22
93.170.160.0/22
93.171.188.0/22
146.158.16.0/22
146.158.68.0/22
Signature Algorithm: sha256WithRSAEncryption
27:5e:1d:f7:17:dc:23:54:30:58:a1:b9:f1:16:8f:d0:ae:c1:
e0:2a:46:7b:a2:07:ce:81:31:5a:6b:3d:06:be:fc:de:b8:c3:
e5:4a:b2:e0:bc:a4:49:e1:7f:31:f3:48:bb:51:b6:c9:0f:cf:
a2:64:63:79:df:40:ed:6c:c3:4e:c9:6b:ce:78:ff:99:b9:65:
0b:80:23:32:b3:c0:2d:8d:37:3a:18:c2:1d:36:57:0a:5c:27:
9d:14:8a:88:55:ea:b9:0b:9f:d2:c3:fb:4b:a5:a2:84:47:71:
41:a2:ee:54:4d:24:4b:2f:2f:94:32:a6:c6:9a:36:ef:45:3c:
bf:db:67:59:8b:95:e6:eb:8c:12:f5:ed:ac:63:f8:c9:1b:bb:
8d:b3:f1:7a:20:23:e4:1c:75:56:04:1a:d0:e1:33:80:5b:f5:
8c:37:3e:0b:49:bd:03:da:d0:d7:6f:fd:7f:29:78:92:5c:59:
46:b0:15:f5:63:bc:3a:17:04:23:90:d4:d4:43:62:de:d2:ef:
49:46:9f:15:17:07:a5:3c:18:48:1c:66:c5:48:83:32:d5:46:
4c:bf:e4:cb:ea:32:a2:8b:46:c8:9b:63:d9:41:d1:5d:82:33:
45:6e:a1:60:66:c6:4a:74:45:ba:d9:e8:51:5c:0a:1f:b1:9e:
49:9f:3b:09
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYnVjuYKw0LGhFYf9z6d9ObOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwODA4MTQzMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQyZjZhMmIyNjQ3MTE3Zjc4YzhhM2U2ZjM5Y2E5ZDRlZTk3MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCIGczWuqj/dRIST+vpoSiu+1hdW
XEZhZxzOfDTn0tghaMdZ6CIpTdfNLAs+2GrIxK4z/UiwIhs6mj5TDlv+RE7zpfE3
KZs+1lbV8vgW5pvbfWZ2tiPKWI3Pa75hW78HhyQXPl4I9G5QT8jWSONa7FRexiea
E86WLqzyR2fr0okY/Pt3vBzP2WZohYunwVoZi4ho6hKw4HjxxEcCFJkiAaSWZCiB
TYrx/f1YxmOWFCsYD/QYBsZ8h+a1yYIH9GMEixos218yl5q+H0fbgYYiYUIugRyB
o2poa55A2A+6paTnqJ9b6Sw3DbzAwAs9SFIOaowutvOggyJ51paSHOttywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB9C9qKyZHEX94yKPm85yp1O6XDGMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSDBMMm9ySmtjUmYzaklvLWJ6bktuVTdwY01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH5TQAwQC
H5TwAwQCXaqgAwQCXau8AwQCkp4QAwQCkp5EMA0GCSqGSIb3DQEBCwUAA4IBAQAn
Xh33F9wjVDBYobnxFo/QrsHgKkZ7ogfOgTFaaz0GvvzeuMPlSrLgvKRJ4X8x80i7
UbbJD8+iZGN530DtbMNOyWvOeP+ZuWULgCMys8AtjTc6GMIdNlcKXCedFIqIVeq5
C5/Sw/tLpaKER3FBou5UTSRLLy+UMqbGmjbvRTy/22dZi5Xm64wS9e2sY/jJG7uN
s/F6ICPkHHVWBBrQ4TOAW/WMNz4LSb0D2tDXb/1/KXiSXFlGsBX1Y7w6FwQjkNTU
Q2Le0u9JRp8VFwelPBhIHGbFSIMy1UZMv+TL6jKii0bIm2PZQdFdgjNFbqFgZsZK
dEW62ehRXAofsZ5JnzsJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:49 2024 by rpki-client on console-ams.rpki-client.org